June 25, 2019 By BlueAlly
Fortinet to secure applications on AWS with FortiWeb Cloud WAF-as-a-Service
SUNNYVALE, Calif. - Jun 25, 2019
John Maddison, EVP of Products and Solutions at Fortinet
“As organizations increasingly build out their business in the cloud and use web applications, they increase their exposure to known and unknown targeted attacks. Delivered through the Fortinet Security Fabric, FortiWeb Cloud Web Application Firewall (WAF)-as-a-Service allows organizations to rapidly deploy web applications while providing best-in-class security for mission-critical applications.”
News Summary
Fortinet® (NASDAQ: FTNT), a global leader in broad, integrated and automated cybersecurity solutions, today announced the addition of FortiWeb Cloud WAF-as-a-Service to its robust cloud security portfolio offerings. FortiWeb Cloud WAF-as-a-Service on Amazon Web Services (AWS) allows organizations to rapidly deploy web applications while providing best-in-class security for mission-critical applications – protecting applications and APIs from threats and addressing compliance requirements. Organizations protecting their web applications with this Software-as-a-Service (SaaS) solution can deploy the full WAF solution without the need to deploy and manage infrastructure or possess specific web application security skills, enabling rapid application deployment.
The Evolving Attack Surface in the Cloud
To keep up with digital transformation, IT teams are increasingly deploying applications to the cloud and building cloud-native applications. However, this rapid deployment can introduce vulnerabilities and requires robust security to defend the evolving attack surface and protect applications from threats. Organizations’ disaggregation of security tools compounds the challenge of protecting the attack surface. IT teams need security solutions that accurately protect web assets, are intuitive and are simple to deploy and easy to manage in order to truly take advantage of the benefits of migrating applications to the cloud or building cloud-native applications. Pairing this with the shortage of general cybersecurity expertise and web application security in particular, DevOps teams managing web applications are especially in need of security solutions that are easy to use as the resources to monitor threats across hybrid cloud environments are limited.
Reaping the Benefits of the Cloud with Fortinet’s Security-Driven Approach
Fortinet is addressing the issues that IT teams, including DevOps, face with the addition of FortiWeb Cloud WAF-as-a-Service to its cloud security portfolio. FortiWeb Cloud WAF-as-a-Service is available for purchase on AWS Marketplace or through your preferred Fortinet reseller and leverages the flexibility of AWS by automatically provisioning security protection for customers across multiple AWS Regions. As part of the Fortinet Security Fabric, FortiWeb Cloud WAF-as-a-Service provides the following benefits:
- Accurate and easy to manage Cloud WAF offering: As one of the first machine learning-enabled WAF technology in the industry, customers deploying FortiWeb Cloud WAF-as-a-Service benefit from high accuracy of detection and threat prevention, eliminating false positives and ensuring applications keep running. The solution also gives users the ability to perform a comprehensive self-tuning of policies to eliminate the operational overhead of managing a WAF service. FortiWeb Cloud WAF-as-a-Service also provides web application security that is easy to deploy and maintain with minimal configuration and management. The solution allows access to advanced configuration options when needed, removing the usual complexity required when setting up a WAF.
- Advanced threat protection for web applications: FortiWeb Cloud WAF-as-a-Service safeguards applications from vulnerability exploits, bots, malware uploads, DDoS attacks, advanced persistent threats (APTs), both unknown and zero-day attacks, among others. It also includes services from Fortinet’s award-winning FortiGuard Labs, providing signatures, sandboxing and IP reputation to ensure organizations have the latest protection and updates on threats.
- Low total cost of ownership (TCO): As a cloud-native SaaS solution deployed in the same AWS Region as an organizations’ applications, FortiWeb Cloud WAF-as-a-Service doesn’t require maintenance of hardware or software and can reduce outbound data transfer costs significantly. Organizations pay Intra-Region Data Transfer rates for traffic to the service and FortiWeb Cloud WAF-as-a-Service handles the data transfer out costs as part of its subscription. IT teams can leverage the benefits of low latency and intra-region bandwidth rates for traffic between applications and the WAF.
- Simplifies compliance requirements: Fortinet delivers FortiWeb Cloud WAF-as-a-Service using a colony of WAF gateways in the same AWS Region as an organizations’ application. This avoids potentially subjecting the application to additional regional regulatory requirements.
- Flexible purchasing options: Whether customers prefer pre-provisioned capacity or paying by the volume of processed data, FortiWeb Cloud WAF-as-a-Service supports the most suitable option for customers’ business priorities and budgetary considerations.
Supporting Quotes
“The availability of FortiWeb Cloud WAF-as-a-Service on AWS makes it easy for organizations to get a SaaS cloud-based web application firewall up and running for advanced threat protection within minutes in a single global AWS Region. Fortinet’s SaaS solution is delivered from multiple AWS Regions and runs closest to customer applications, providing customers with the flexible performance and cost benefits they desire to support their business agility.” - Dan Plastina, Vice President, Security Services, Amazon Web Services, Inc.
“At Steelcase, we’ve always viewed technology as a key differentiator. We were earlier adopters of virtualization and cloud-based solutions to drive our business forward. As we began migrating applications and workloads to the public cloud, we selected Fortinet given its robust cloud security offerings that are unified with the Fortinet Security Fabric. FortiWeb in particular has enabled Steelcase to effectively secure our web applications and has made it easier to manage operations and reports that previously were time-consuming and complex.” - Frank Stevens, Cloud Security Architect at Steelcase